CVE-2022-50790 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Radio Stream Disclosure

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that allows remote attackers to access live radio stream information through webplay or ffmpeg scripts. Attackers can exploit the vulnerability by calling specific web scripts to disclose radio stream...

PT-2025-54238

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below Description A vulnerability exists that allows remote attackers to access live radio stream information without authentication. Attackers can exploit this by calling specific web scripts to...

Redisgraph Security Vulnerabilities

Redisgraph is a graph model-based database from the Redisgraph community. A security vulnerability exists in RedisGraph versions v.2.x through v.2.12.8. An attacker could exploit the vulnerability to execute arbitrary code via code logic after valid authentication...

CVE-2022-30535

In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CISOfy Lynis Information Disclosure Vulnerability

CISOfy Lynis is a system security auditing tool from CISOfy Netherlands that supports multiple platforms. A security vulnerability exists in CISOfy Lynis versions 2.x through 2.7.5. The vulnerability can be exploited by an attacker to obtain a license key by observing a list of processes...

MantisBT Cross-Site Scripting Vulnerability (CNVD-2018-14790)

MantisBT is a Web-based open source defect tracking system of the MantisBT team . The system provides project management and defect tracking services in the form of Web operations. A cross-site scripting vulnerability exists in the managefiltereditpage.php file on the Edit Filter page in MantisBT...

Icinga elevation of privilege vulnerability (CNVD-2018-05430)

Icinga is a set of enterprise-grade open source monitoring system from the Icinga project, a product between the Nagios Community Edition and Enterprise Edition. A security vulnerability exists in Icinga versions 2.x through 2.8.1. A local attacker can exploit the vulnerability to terminate...

Icinga Elevation of Privilege Vulnerability

Icinga is a set of enterprise-grade open source monitoring system from the Icinga project, a product between the Nagios Community Edition and Enterprise Edition. A security vulnerability exists in etc/initsystem/prepare-dirs in Icinga versions 2.x through 2.8.0. A local attacker could exploit thi...

OpenOffice.org: Integer signedness error (crash) by processing certain RTF tags

Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted tags in an RTF document...